package test.security;

import java.util.Arrays;

import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Aspect
@Component
public class RoleChecker {
    @Autowired
    private SecurityContext securityContext;

    @Before("@annotation(allow)")
    public void checkRole(Allow allow) {
        if(!Arrays.asList(allow.value()).contains(securityContext.getUserRole())) {
            throw new SecurityException("Access denied");
        }
    }
}
